Gernot Starke talks about arc42: an open-source set of templates he developed to document software architecture based on his practical experience with real projects. Also Gernot and host Eberhard then discuss how documenting architecture fits into agile processes and how to find the right amount of documentation for a system. They walk through the different parts of the arc42 templates covering requirements and the context of the system and the solution structure, including building blocks, runtime, and deployment. They discuss tooling, versioning, testing documentation, and how to keep documentation up to date.

Björn Rabenstein discusses the field of Site Reliability Engineering (SRE) with host Robert Blumen. The term SRE has recently emerged to mean Google's approach to DevOps. The publication of Google's book on SRE has brought many of their practices into more public discussion. The interview covers: what is distinct about SRE versus devops; the SRE focus on development of operational software to minimize manual tasks; the emphasis on reliability; Dickerson's hierarchy of reliability; how reliability can be measured; is there such a thing as too much reliability?; can Google's approach to SRE be applied outside of Google?; Björn's experience in applying SRE to Soundcloud - what worked and what did not; how can engineers best apply SRE to their organizational situation?; the importance of monitoring; monitoring and alerting; being on call, responding to incidents; the importance of documentation for responding to problems; they wrap up with a discussion of why people from non-computer science backgrounds are often found in devops and SRE.

Asaf Yigal talks with SE Radio’s Edaena Salinas about machine learning in log analysis. The discussion starts with an overview of the structure of logs and what information they can contain. Asaf discusses what the log analysis process looks like without machine learning -- and the role of humans in this – before moving on to how the process is improved by incorporating external resources using machine learning. Topics include: log analysis, machine learning, operations.

Bryan Reinero talks with Harsh Sinha, VP of  Engineering at TransferWise, about Product Management. Mr. Sinha details how requirements are derived from user needs, how to measure product success, and how successful product management is done.

What is code coverage, how can you measure it, and what are the pitfalls of this metric? Diomidis Spinellis talks with Marc Hoffmann, a key developer of the JaCoCo code coverage library for Java, on how code test coverage can improve software reliability

Felienne interviews Andreas Stefik about creating programs that are accessible for blind and visually impaired users. How do they consume and create software?

Natalie Silvanovich and Kim Carter discuss reducing the attack surface of the software that Engineers are creating today. Code sharing, third-party code, Developer workflow, and a collection of 0 day bugs are all discussed.

Travis Kimmel and Kevin Goldsmith discuss the correspondence between organizational design and software architecture. Their conversation covers: what Conway’s Law is; Kevin’s experiences in different organizational structures (e.g., Avvo, Spotify, Adobe, and Microsoft) and how those structures influenced the software architecture; what the “Reverse Conway Maneuver” is and how organizations can leverage it; how organizations can evolve existing architectures.

Felienne interviews Marian Petre & André van der Hoek on their book ‘Software Design Decoded’, which contains 66 scientifically backed insights for the design process.

Ben Sigelman CEO of LightStep and co-author of the OpenTracing standard discusses distributed tracing, a form of event-driven observability for debugging distributed systems, understanding latency outlyers, and delivering "white box" analytics.

István Lam of Tresorit talks with host Kim Carter about GDPR (the EU General Data Protection Regulation, which has been described as “the most important change in data privacy regulation in 20 years.”)  The discussion covers terminology, planning, implementation, users' rights regarding their personal data, managing personally identifiable information (PII) across an organization, and required documentation. István talks about establishing the intent of different types of PII; when data can be shared or sold, when PII can be stored; storage of backups, and the ability to reveal, modify, or remove all of a customer's PII.

Simon Riggs, founder and CTO of 2nd Quadrant, discusses the advanced features of the Postgres database, that allow developers to focus on applications whilst the database does the heavy lifting of handling large and diverse quantities of data.

Peter Zaitsev explains: avoiding vendor lock-in, judging what databases are bad at, why not to copy the big players, when to "go with the crowd", when to use cloud services vs. running your own infrastructure, and the role of containerization.

Abhinav Asthana, a founding partner and CEO of the API development tool Postman, discusses API design and testing, where to start, which types of APIs to offer, what tools you can use, what features to expose and what is his favorite API to reference.

Ryan Singer on Basecamp’s “Shape Up” software development process. Basecamp has ditched the backlog and 2-week sprint in favor of solution “shaping” and strategic 6-week projects, using tools like scope mapping, checklists, and hill charts to understand and reduce risk.

Sam Procter of the SEI discusses architecture design languages, specifically Architecture Analysis and Design Language, and how we can leverage the formal modeling process to improve the security of our application design and improve applications overall.

Sumit Kumar, Head of Engineering at SHARE NOW talks with Jeremy Jung about creating mapping applications in JavaScript using the Leaflet library.

Felienne spoke with Mike McCourt on difficulties in processing voice data using machine learning.

Ryan Singer, Head of Strategy at Basecamp discusses the mindset and culture behind a successful remote work for engineers. Akshay spoke with Ryan about communication, collaboration and cultural aspects of working remotely.

Arin Bhowmick, Global Vice President and Chief Design Officer at IBM, discusses why and how UX design for enterprise applications is different than for consumer applications.

Felienne discusses diversity and inclusivity in software development with Shawn Wildermuth, Microsoft MVP and creator of the Hello World movie.

Otakar Nieder, Senior Director of Development at Bohemia Interactive Simulations, discusses how simulation apps are different from gaming with host Kanchan Shringi.

CEO and security expert Jason Meller discusses modern tech stacks across a variety of programming languages to consider when building your next project or startup.

Chris Riccomini and Dmitriy Ryaboy discuss their book, The Missing Readme, which is intended to be the missing manual for new software engineers. Felienne spoke with Riccomini and Ryaboy about a range of topics that new software engineers might not have..

Sam Scott, CTO of Oso discusses how to build a global authorization service and challenges with host Priyanka.

This week, Postgres server developer Bruce Momjian joins host Robert Blumen for a discussion of multi-version concurrency control (MVCC) in the Postgres database. They begin with a discussion of the isolation requirement in database transactions (I in ACID); how isolation can be achieved with locking; limitations of locking; how locking limits concurrency and creates variability in query runtimes; multi-version concurrency control as a means to achieve isolation; how Postgres manages multiple versions of a row; snapshots; copy-on-write and snapshots; visibility; database transaction IDs; how tx ids, snapshots and versions interact; the need for locking when there are multiple writers; how MVCC was added to Postgres; and how to clean up unused space left over from aged-out versions.

Richard L. Sites discusses his new book Understanding Software Dynamics, which offers expert methods and advanced tools for understanding complex, time-constrained software dynamics in order to improve reliability and performance. Philip Winston spoke with Sites about the five fundamental computing resources CPU, Memory, Disk, Network, and Locks, as well as methods for observing and reasoning when investigating performance problems using the open-source utility KUtrace.

Omer Katz, a software consultant and core contributor to the Celery discusses the Celery task processing framework with host Nikhil Krishna. We discuss in depth, the Celery task processing framework, it's architecture and the underlying messaging...

In this episode, Deepthi Sigireddi of the Cloud Native Computing Foundation (CNCF) spoke with SE Radio host Nikhil Krishna about how Vitess scales MySQL. They discuss the design and architecture of the product; how Vitess impacts modern data problems;...

Gill Hoffer, co-founder and CTO at Salto, talks with SE Radio host Kanchan Shringi about a new persona -- the Business Engineer -- created by the rise of SaaS and adoption of best-of-breed business applications for back office systems. They examine...

Gill Hoffer, co-founder and CTO at Salto, talks with SE Radio host Kanchan Shringi about a new persona -- the Business Engineer -- created by the rise of SaaS and adoption of best-of-breed business applications for back office systems. They examine...

John Ousterhout, professor of computer science at Stanford University, joined SE Radio host Jeff Doolittle for a conversation about his book, A Philosophy of Software Design. They discussed the history and ongoing challenges of software system design, especially the nature of complexity and the difficulties handling it. The conversation also explored various design concepts from the book, such as modularity, layering, abstraction, information hiding, maintainability, and readability.

Jessi Ashdown and Uri Gilad, authors of the book "Data Governance: The Definitive Guide," discuss what data governance entails, why it's important, and how it can be implemented. Host Akshay Manchale speaks with them about why data governance...

Brian Campbell, Distinguished Engineer at Ping Identity discusses cryptographic defences against stolen tokens for the OAUTH2 protocol with host Priyanka Raghavan. The discussion explores various subtopics such as the history of Proof of possession...

Jonathan Shariat, coauthor of the book Tragic Design, discusses harmful software design. SE Radio host Jeremy Jung speaks with Shariat about how poor design can kill in the medical industry, accidentally causing harm with features meant to bring joy...

Ryan Magee, postdoctoral scholar research associate at LIGO Laboratory – Caltech, joins host Jeff Doolittle for a conversation about how software is used by scientists in physics research. The episode begins with a discussion of gravitational waves...

Roberto Di Cosmo, Computer Science professor at University Paris Diderot and founder of the Software Heritage initiative, discusses how to protect against sudden loss from the collapse of a "free" source code repository provider, how to protect...

Ganesh Datta, CTO and cofounder of Cortex, joins SE Radio's Priyanka Raghavan to discuss site reliability engineering (SRE) vs DevOps. They examine the similarities and differences and how to use the two approaches together to build better software...

We talk with John deVadoss about the philosophies underlying the development of .NET and Azure software. We discuss the "Fiefdoms and Emissaries" concept of building loosely coupled systems, talk about strengths and drawbacks and how to build services...

Matt Frisbie, author of Building Browser Extensions, speaks with host Kanchan Shringi about browser extensions, including key areas where they've been successful. Based on Matt’s experience as a developer working for Google, Doordash, and a startup he founded, they examine tools for building extensions, as well as APIs they have access to. The conversation presents detailed issues such as cross-browser compatibilities to keep in mind when developing extensions and mechanisms in the browser to prevent security vulnerabilities, and finally examines how emerging platforms can help developers take advantage of exciting new possibilities with web extensions.

Adam Tornhill, founder and CTO of CodeScene, joins host Giovanni Asproni to speak about behavioral code analysis. Behavioral code analysis is a set of practical techniques aimed at identifying patterns in how a development organization interacts with the codebase they're building. It can be used to prioritize technical debt to maximize return on investment; to identify communication and team-coordination bottlenecks in code; to drive refactorings guided by data from how the system evolves; and to detect code quality problems before they become maintenance issues. The episode starts with a broad description of the techniques, providing some examples from real projects, and ends with suggestions on how to get started with applying them. During the conversation, Adam and Giovanni touch on a set of related topics, including the applicability of the techniques to legacy, green-, and brown-field projects; ethical and privacy implications; and the importance of context when judging code quality.

Simon Bennetts, a distinguished engineer at Jit, discusses one of the flagship projects of OWASP: the Zed Attack Proxy (ZAP) open source security testing tool. As ZAP’s primary maintainer, Simon traces the tool's origins and shares some anecdotes with SE Radio host Priyanka Raghavan on why there was a need for it. They take a deep dive into ZAP’s features and its ability to integrate with CI/CD, as well as shift security left. Bennetts also considers what it takes to build a successful open source project before spending time on ZAP’s ability to script to provide richer results. Finally, the conversation ends with some questions on ZAP’s future in this AI-powered world of bots.

In this episode, Varun Singh, Chief Products and Technology Officer at Daily.co, speaks with host Nikhil Krishna about the 30-year evolution of web protocols. In particular, they explore the impact of protocol ossification, which has supported the Internet’s success but also limits the flexibility of evolving protocol suites such as TCP/IP and UDP by constraining future development. Varun points out how the end-to-end principle emphasizes full flexibility for end hosts, but the TCP implementation in the OS kernel as well as in “middle boxes” such as ISPs contributes to the constraints of ossification by blocking certain types of traffic. Further, the development of new protocols is challenging due to the need for backward compatibility with existing protocols. They discuss Google’s efforts – and the challenges it has faced – in working to move the HTTP protocol forward. The role of standards bodies such as the IETF and collaboration between industry stakeholders is crucial for the evolution of internet protocols, requiring a balance between maintaining backward compatibility and introducing new protocols such as QUIC and HTTP/3 to address existing constraints and improve internet performance and security. indeed, QUIC includes features that seek to actively avoid ossification and encourage evolution.

In this episode, Ori Mankali, senior VP of engineering at cloud security startup Akeyless, speaks with SE Radio’s Nikhil Krishna about secrets management and the innovative use of distributed fragment cryptography (DFC). In the context of enterprise IT, 'secrets’ are crucial for authentication in providing access to internal applications and services. Ori describes the unique challenges of managing these sensitive data, particularly given the complexities of doing so on a large scale in substantial organizations. They discuss the necessity for a secure system for managing secrets, highlighting key features such as access policies, audit capabilities, and visualization tools. Ori introduces the concept of distributed fragment cryptography, which boosts security by ensuring that the entire secret is never known to any single entity. The episode explores encryption and decryption and the importance of key rotation, as they consider the challenges and potential solutions in secrets management.

Josh Doody, author of Mastering Business Email, speaks with host Brijesh Ammanath about how software engineers can master business communication. They begin with an exploration of various communication modes, including Slack, virtual meetings, emails, and presentations. Josh shares several strategies to improve communication skills and cross-cultural communication, but if there's one key take away from this episode, it might be: “use positive language for any medium of communication; be kind and use positive words.” Brought to you by IEEE Software magazine and IEEE Computer Society.

William Morgan, founder of the Linkerd service mesh and CEO of Bouyant, joins SE Radio’s Robert Blumen for a discussion of sidecars, service mesh, and a forthcoming enhancement to kubernetes to support sidecars natively. The conversation explores the origin of sidecars, sidecars and service mesh, and migrating service mesh to kubernetes. They take a deep dive into some aspects of running service mesh on kubernetes, the difficulties in running a sidecar container in a pod, and Kubernetes Enhancement Proposal (KEP) 753, which is intended to provide better native support for sidecar containers. William also gives some thoughts on the continuing relevance of service mesh.

Lane Wagner of Boot.dev speaks with host Philip Winston about Go, the programming language that's popular for web, cloud, devops, networking, and other types of development. In addition to discussing existing features such as structs, interfaces, concurrency, and error handling, Lane and Philip take a deep look at generics, a recent addition to the language. They also explore the developer experience with Go.